package net.interest.curation;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.interest.curation.model.User;

public class AuthenticationFilter implements Filter{

    public void destroy() {
    }

    public void doFilter(ServletRequest req, ServletResponse resp,
            FilterChain chain) throws IOException, ServletException {
        HttpServletRequest httpReq = (HttpServletRequest)req;
        User user = (User) httpReq.getSession().getAttribute(User.SESSION_USER_ATTR_NAME);
        if(!httpReq.getServletPath().startsWith("/auth") && user == null)
            ((HttpServletResponse)resp).sendRedirect("/auth/login");
        else
            chain.doFilter(req, resp);
    }

    public void init(FilterConfig arg0) throws ServletException {        
    }

}
